Specification errors?

• Not the units

  • The specification was completely clear about this
  • A new programmer didn’t know or check, and used the wrong units
  • Not caught by testing, inspections, etc.
    • Tricky to catch by testing, since it was a second order effect
  • What can be done about errors like these?

• Polar lander? Unclear

  • Each module (regime) worked as specified
  • The < 40m module assumed that a variable would be in a particular state upon entry, but it wasn’t due to the leg bounce
  • What this a problem in the inter-module specification? In the implementation of the មm module? Testing? Something else?

Previous slide

Next slide

Back to first slide

View graphic version